2018-01-09 09:44:15 |
Adam Heczko |
bug |
|
|
added bug |
2018-01-09 09:44:34 |
Adam Heczko |
description |
Detailed bug description:
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
Fuel node ships with Cobbler used for cloud deployment purposes. Although Cobber API is not meant to use over the network from Fuel node we need to provide updated Cobbler packages for Fuel.
https://github.com/cobbler/cobbler/issues/1845 |
Detailed bug description:
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
Fuel node ships with Cobbler used for cloud deployment purposes. Although Cobber API is not intended to use over the network from Fuel node we need to provide updated Cobbler packages for Fuel.
https://github.com/cobbler/cobbler/issues/1845 |
|
2018-01-09 09:44:53 |
Adam Heczko |
description |
Detailed bug description:
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
Fuel node ships with Cobbler used for cloud deployment purposes. Although Cobber API is not intended to use over the network from Fuel node we need to provide updated Cobbler packages for Fuel.
https://github.com/cobbler/cobbler/issues/1845 |
Detailed bug description:
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
Fuel node ships with Cobbler used for cloud deployment purposes. Although Cobber API is not intended to use over the network we need to provide updated Cobbler packages for Fuel.
https://github.com/cobbler/cobbler/issues/1845 |
|
2018-01-09 09:45:19 |
Adam Heczko |
description |
Detailed bug description:
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
Fuel node ships with Cobbler used for cloud deployment purposes. Although Cobber API is not intended to use over the network we need to provide updated Cobbler packages for Fuel.
https://github.com/cobbler/cobbler/issues/1845 |
Detailed bug description:
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
Fuel node ships with Cobbler used for cloud deployment purposes. Although Cobber API is not intended to use over the network in Fuel use case we need to provide updated Cobbler packages.
https://github.com/cobbler/cobbler/issues/1845 |
|
2018-01-09 09:46:03 |
Adam Heczko |
nominated for series |
|
fuel/8.0.x |
|
2018-01-09 09:46:03 |
Adam Heczko |
bug task added |
|
fuel/8.0.x |
|
2018-01-09 09:46:03 |
Adam Heczko |
nominated for series |
|
fuel/7.0.x |
|
2018-01-09 09:46:03 |
Adam Heczko |
bug task added |
|
fuel/7.0.x |
|
2018-01-09 09:46:09 |
Adam Heczko |
fuel/7.0.x: importance |
Undecided |
Medium |
|
2018-01-09 09:46:12 |
Adam Heczko |
fuel/8.0.x: importance |
Undecided |
Medium |
|
2018-01-09 09:46:21 |
Adam Heczko |
fuel/7.0.x: milestone |
|
7.0-updates |
|
2018-01-09 09:46:26 |
Adam Heczko |
fuel/8.0.x: milestone |
|
8.0-updates |
|
2018-01-09 09:46:36 |
Adam Heczko |
fuel: assignee |
|
MOS Maintenance (mos-maintenance) |
|
2018-01-09 09:46:42 |
Adam Heczko |
fuel/7.0.x: assignee |
|
MOS Maintenance (mos-maintenance) |
|
2018-01-09 09:46:54 |
Adam Heczko |
fuel/8.0.x: assignee |
|
MOS Maintenance (mos-maintenance) |
|
2018-01-13 05:16:17 |
Alexander Rubtsov |
bug |
|
|
added subscriber Alexander Rubtsov |
2018-01-13 05:17:06 |
Alexander Rubtsov |
tags |
feature-security |
customer-found feature-security sla2 |
|
2018-01-22 14:24:28 |
Denis Meltsaykin |
fuel: milestone |
9.x-updates |
9.2-mu-5 |
|
2018-01-22 14:24:32 |
Denis Meltsaykin |
fuel: status |
New |
Confirmed |
|
2018-02-07 13:05:11 |
Denis Meltsaykin |
fuel: status |
Confirmed |
Fix Committed |
|
2018-03-07 08:22:42 |
Vladimir Jigulin |
fuel: status |
Fix Committed |
Fix Released |
|